Address review comments 7

Author: owen-mc

ql/src/Security/CWE-681/IncorrectIntegerConversion.ql

@@ -196,8 +196,8 @@ from
   DataFlow::PathNode source, DataFlow::PathNode sink, ConversionWithoutBoundsCheckConfig cfg,
   DataFlow::CallNode call
 where cfg.hasFlowPath(source, sink) and call.getResult(0) = source.getNode()
-select source.getNode(), source, sink,
+select sink.getNode(), source, sink,
   "Incorrect conversion of " +
     describeBitSize(cfg.getSourceBitSize(), getIntTypeBitSize(source.getNode().getFile())) +
-    " from " + call.getTarget().getQualifiedName() + " to a lower bit size type " +
-    sink.getNode().getType().getUnderlyingType().getName() + " without an upper bound check."
+    " from $@ to a lower bit size type " + sink.getNode().getType().getUnderlyingType().getName() +
+    " without an upper bound check.", source, call.getTarget().getQualifiedName()

ql/src/semmle/go/Files.qll

@@ -219,9 +219,7 @@ class File extends Container, @file, Documentable, ExprParent, GoModExprParent,
    * which can be 32 or 64.
    */
   predicate explicitlyConstrainsIntBitSize(int bitSize) {
-    exists(BuildConstraintComment bcc, string bc |
-      this = bcc.getFile() and bc = bcc.getText().splitAt("+build ", 1)
-    |
+    exists(BuildConstraintComment bcc | this = bcc.getFile() |
       forex(string disjunct | disjunct = bcc.getADisjunct() |
         disjunct.splitAt(",").(Architecture).getBitSize() = bitSize
       )
@@ -234,9 +232,9 @@ class File extends Container, @file, Documentable, ExprParent, GoModExprParent,
    * architecture of bit size `bitSize`, which can be 32 or 64.
    */
   predicate implicitlyConstrainsIntBitSize(int bitSize) {
-    this
-        .getStem()
-        .regexpMatch(".*_" + any(Architecture arch | arch.getBitSize() = bitSize) + "(_test)?")
+    exists(Architecture arch | arch.getBitSize() = bitSize |
+      this.getStem().regexpMatch("(?i).*_\\Q" + arch + "\\E(_test)?")
+    )
   }
 
   override string toString() { result = Container.super.toString() }